Abstract
In an industrial control system, a programmable logic controller (PLC) plays a vital role in maintaining the stable operation of the system. Cyber-attacks can affect the regular operation by tampering with the data stored in the PLC, thereby damaging to the system. Thus, it is particularly important to develop an efficient cyber-attacks recovery method. However, owing to the impact of unknown factors in theoretical methods, poor scalability of automaton theory, and a lack of constraints during the training process of deep learning network models, the restoration accuracy and stability are low. Therefore, it is a significant challenge to design an appropriate method to improve the accuracy and stability of cyber-attacks recovery. In this study, the generative adversarial networks were applied to the problem of cyber-attacks recovery; furthermore, a multi-stage generative adversarial networks was designed. The model consisted of a Variational Autoencoder and two conditional energy-based generative adversarial networks (CEBGANs). Then the second CEBGAN uses the fitted random noise appending with the data generated by the previous stage and the historical data as additional information to obtain the restoration results. Moreover, a self-adaptive decision policy was established to enhance the restoration accuracy and stability. Experimental results demonstrated that the proposed method in this manuscript could effectively improve the accuracy of cyber-attacks data recovery and reduce the possibility of outliers in data recovery.
Similar content being viewed by others
Data Availability
The datasets generated during and/or analysed during the current study are available from the corresponding author on reasonable request.
References
Kravchik M, Shabtai A (2021) Efficient cyber-attack detection in industrial control systems using lightweight neural networks and pca. IEEE Trans Dependable Secur Comput 19:2179–2197
Krebs B (2012) Fbi: Smart meter hacks likely to spread. Krebs on Security. http://krebsonsecurity.com/2012/04/fbi-smart-meter-hacks-likely-to-spread/. Accessed on 25 Apr 2012
Ma R, Basumallik S, Eftekharnejad S, Kong F (2020) Recovery-based model predictive control for cascade mitigation under cyber-physical attacks. In: 2020 IEEE Texas Power and Energy Conference (TPEC), IEEE, pp 1–6
Punnekkat S, Burns A, Davis R (2001) Analysis of checkpointing for real-time systems. Real-Time Syst 20(1):83–102
Kong F, Xu M, Weimer J, Sokolsky O, Lee I (2018) Cyber-physical system checkpointing and recovery. In: 2018 ACM/IEEE 9th International Conference on Cyber-Physical Systems (ICCPS), IEEE, pp 22–31
Wang H, Wen X, Xu Y, Zhou B, Peng J-C, Liu W (2020) Operating state reconstruction in cyber physical smart grid for automatic attack filtering. IEEE Trans Ind Inform 18:2909–2922
Alguliyev R, Imamverdiyev Y, Sukhostat L (2021) Hybrid deepgcl model for cyber-attacks detection on cyber-physical systems. Neural Comput Appl 33:10211–10226
Wu T, Xue W, Wang H, Chung C, Wang G, Peng J, Yang Q (2020) Extreme learning machine-based state reconstruction for automatic attack filtering in cyber physical power system. IEEE Trans Ind Inform 17(3):1892–1904
Ruan J, Liang G, Zhao J, Qiu J, Dong ZY (2022) An inertia-based data recovery scheme for false data injection attack. IEEE Trans Ind Inform 18(11):7814–7823
Jin Z, Liu M, Deng R, Cheng P (2022) Distributed data recovery against false data injection attacks in dc microgrids. In: 2022 IEEE international conference on communications, control, and computing technologies for smart grids (SmartGridComm), IEEE, pp 265–270
Song X, Guo Y, Li N, Liu J (2021) Dynamic missing data recovery method with low complexity in internet of things. In: 2021 7th International conference on computer and communications (ICCC), IEEE, pp 2091–2095
Zhang M-Q, Luo X-L (2023) Static and incremental robust kernel factorization embedding graph regularization supporting ill-conditioned industrial data recovery. Expert Syst Appl 213:118921
Josephlal EFM, Adepu S, Yang Z, Zhou J (2021) Enabling isolation and recovery in plc redundancy framework of metro train systems. Int J Inf Secur 2021:1–13
Pajic M, Weimer J, Bezzo N, Tabuada P, Sokolsky O, Lee I, Pappas GJ (2014) Robustness of attack-resilient state estimators. In: 2014 ACM/IEEE international conference on cyber-physical systems (ICCPS), IEEE, pp 163–174
Pearce H, Pinisetty S, Roop PS, Kuo MM, Ukil A (2019) Smart i/o modules for mitigating cyber-physical attacks on industrial control systems. IEEE Trans Ind Inform 16(7):4659–4669
Elnaggar M, Bezzo N (2018) An irl approach for cyber-physical attack intention prediction and recovery. In: 2018 Annual American control conference (ACC), IEEE, pp 222–227
Wu T, Zhang Y-JA, Liu Y, Lau WC, Xu H (2020) Missing data recovery in large power systems using network embedding. IEEE Trans Smart Grid 12(1):680–691
Wang X, Shi D, Wang J, Yu Z, Wang Z (2019) Online identification and data recovery for PMU data manipulation attack. IEEE Trans Smart Grid 10(6):5889–5898
Li Y, Wang Y, Hu S (2019) Online generative adversary network based measurement recovery in false data injection attacks: a cyber-physical approach. IEEE Trans Ind Inform 16(3):2031–2043
Wei F, Wan Z, He H (2019) Cyber-attack recovery strategy for smart grid based on deep reinforcement learning. IEEE Trans Smart Grid 11(3):2476–2486
Wang B, Liu D, Peng Y, Peng X (2019) Multivariate regression-based fault detection and recovery of uav flight data. IEEE Trans Instrum Meas 69(6):3527–3537
Wang H, Ouyang Y (2022) Adaptive data recovery model for PMU data based on SDAE in transient stability assessment. IEEE Trans Instrum Meas 71:1–11
Lin Q, Bao X, Li C (2022) Deep learning based missing data recovery of non-stationary wind velocity. J Wind Eng Ind Aerodyn 224:104962
Ma Y, Yang J, Feng J, Wang H, Li Y, Li Y (2022) Load data recovery method based on SOM-LSTM neural network. Energy Rep 8:129–136
Hu X, Zhang H, Ma D, Wang R (2022) Hierarchical pressure data recovery for pipeline network via generative adversarial networks. IEEE Trans Autom Sci Eng 19(3):1960–1970
Liu L, Liu Y (2022) Load image inpainting: an improved u-net based load missing data recovery method. Appl Energy 327:119988
Yu Y, Li VOK, Lam JCK (2022) Missing air pollution data recovery based on long-short term context encoder. IEEE Trans Big Data 8(3):711–722
Yu Y, Li VOK, Lam JCK (2023) Hierarchical recovery of missing air pollution data via improved long-short term context encoder network. IEEE Trans Big Data 9(1):93–105
Khaled A, Han J-J, Ghaleb TA (2022) Multi-model medical image segmentation using multi-stage generative adversarial networks. IEEE Access 10:28590–28599
Zhang H, Xu T, Li H, Zhang S, Wang X, Huang X, Metaxas DN (2017) Stackgan: text to photo-realistic image synthesis with stacked generative adversarial networks. In: Proceedings of the IEEE international conference on computer vision, pp 5907–5915
Zhang H, Xu T, Li H, Zhang S, Wang X, Huang X, Metaxas DN (2018) Stackgan++: realistic image synthesis with stacked generative adversarial networks. IEEE Trans Pattern Anal Mach Intell 41(8):1947–1962
Peng D, Yang W, Liu C, Lü S (2021) Sam-gan: self-attention supporting multi-stage generative adversarial networks for text-to-image synthesis. Neural Netw 138:57–67
Xiong W, Luo W, Ma L, Liu W, Luo J (2018) Learning to generate time-lapse videos using multi-stage dynamic generative adversarial networks. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp 2364–2373
Vatanparvar K, Al Faruque MA (2019) Self-secured control with anomaly detection and recovery in automotive cyber-physical systems. In: 2019 Design, automation & test in Europe conference & exhibition (DATE), IEEE, pp 788–793
Skopik F, Landauer M, Wurzenberger M, Vormayr G, Milosevic J, Fabini J, Prüggler W, Kruschitz O, Widmann B, Truckenthanner K et al (2020) Synergy: cross-correlation of operational and contextual data to timely detect and mitigate attacks to cyber-physical systems. J Inf Secur Appl 54:102544
Shoukry Y, Martin P, Tabuada P, Srivastava M (2013) Non-invasive spoofing attacks for anti-lock braking systems. In: International conference on cryptographic hardware and embedded systems, Springer, pp 55–72
Rutkin AH (2013) Spoofers use fake GPS signals to knock a yacht off course. MIT
Petit J, Stottelaar B, Feiri M, Kargl F (2015) Remote attacks on automated vehicles sensors: experiments on camera and lidar. Black Hat Eur 11(2015):995
Maw A, Adepu S, Mathur A (2019) Ics-blockops: blockchain for operational data security in industrial control system. Pervasive Mob Comput 59:101048
Van Vliet P, Kechadi M-T, Le-Khac N-A (2015) Forensics in industrial control system: a case study. In: Security of Industrial Control Systems and Cyber Physical Systems, Springer, pp 147–156
Goodfellow I, Pouget-Abadie J, Mirza M, Xu B, Warde-Farley D, Ozair S, Courville A, Bengio Y (2020) Generative adversarial networks. Commun ACM 63(11):139–144
Zhang H, Goodfellow I, Metaxas D, Odena A (2019) Self-attention generative adversarial networks. In: International conference on machine learning, PMLR, pp 7354–7363
Goh J, Adepu S, Junejo KN, Mathur A (2016) A dataset to support research in the design of secure water treatment systems. In: International conference on critical information infrastructures security, Springer, pp 88–99
Rodofile NR, Schmidt T, Sherry ST, Djamaludin C, Radke K, Foo E (2017) Process control cyber-attacks and labelled datasets on s7comm critical infrastructure. In: Australasian conference on information security and privacy, Springer, pp 452–459
Li D, Chen D, Jin B, Shi L, Goh J, Ng S-K (2019) Mad-gan: multivariate anomaly detection for time series data with generative adversarial networks. In: International Conference on Artificial Neural Networks, Springer, pp 703–716
Acknowledgements
Foundation item: Beijing Natural Science Foundation (No. L192020). National Key Research and Development Project (Key Technologies and Applications of Security and Trusted Industrial Control System No. 2020YFB2009500).
Author information
Authors and Affiliations
Contributions
BT: conceptualization, methodology, investigation, data curation, writing—original draft, visualization, software, validation. YL: supervision, writing—review & editing, investigation, formal analysis. MS: validation, investigation, data curation, visualization. YW: formal analysis, supervision, writing—review & editing, project administration. JL: formal analysis, supervision, writing—review & editing, project administration.
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this manuscript.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Tian, B., Lai, Y., Sun, M. et al. MSGAN: multi-stage generative adversarial network-based data recovery in cyber-attacks. Neural Comput & Applic 35, 20675–20695 (2023). https://doi.org/10.1007/s00521-023-08791-8
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00521-023-08791-8